Stealing Bitcoin with a Name and a Phone Number
cryptocurrency·@hursh·
0.000 HBDStealing Bitcoin with a Name and a Phone Number
<html> <p>Researchers from fantastic technologies these days confirmed forbes how, using handiest a name and a phone range, hackers are able to compromise someone’s google account, and use it to get to that man or woman’s bitcoins or financial institution account.</p> <p>Hackers can try this the usage of a flaw inside the global telecoms network, that affects what’s called signaling system no. 7 (ss7). In an indication video, researchers have been able to take manage of a coinbase account and do anything they desired to with its finances, via an ss7 flaw. Taking into account that coinbase has over 10.4 million users, a variety of bitcoiners are at threat.</p> <p>An ss7 weakness basically lets in every body with get right of entry to to the telecoms backbone to ship and obtain messages from unique cell phones, with a few assaults allowing texts, calls, and vicinity records to be intercepted by the hackers.</p> <p>Tremendous technology’ researchers first used gmail to find an e mail account with just a cellphone variety. Then, they reset that account’s password, which precipitated a one-time authorization code to be sent to the victim’s telephone. The use of their ss7 exploit, they intercepted the text and got the code, efficiently taking manipulate of the account. Then, they did the same aspect to the victim’s coinbase account, as shown in the video beneath:</p> <p>https://youtu.be/mLh1Nmqa6OM</p> <p>The biggest barrier preventing hackers from acting those forms of assaults is access to the ss7 community itself. Superb technology’ researchers had get right of entry to to it for research purposes and to help network operators enhance security. Malicious hackers would have to shop for get entry to, or hack their manner in. In keeping with kurbatov access can be bought in dark web web sites.</p> <p>Retaining your bitcoin safe from ss7 assaults</p> <p>Whilst this sort of assault appears frightening, there is a way to cozy your bitcoins if they are in a google account-connected pockets: forestall the use of sms for 2-thing authentication. Ss7 attacks, according to forbes, don’t paintings whilst the 2-component authentication device is based totally on one-time codes – like with google’s authenticator app.</p> <p>Apps like google authenticator are more secure, so much so that coinbase’s vp of operations, daniel romero, has been reaching out to customers about converting sms-based totally -component authentication to apps like those. He said:</p> <p>Whilst this sort of assault appears frightening, there is a way to cozy your bitcoins if they are in a google account-connected pockets: forestall the use of sms for 2-thing authentication. Ss7 attacks, according to forbes, don’t paintings whilst the 2-component authentication device is based totally on one-time codes – like with google’s authenticator app. Apps like google authenticator are more secure, so much so that coinbase’s vp of operations, daniel romero, has been reaching out to customers about converting sms-based totally -component authentication to apps like those. </p> </html>